Quantum security of hash functions and property-preservation of iterated hashing
This work addresses the security of hash functions for cryptography in the quantum era, providing foundational insights but is largely incremental as it adapts existing classical notions to quantum settings.
The paper comprehensively studies the security of cryptographic hash functions against quantum attacks and examines whether iterated hash constructions preserve security properties in the quantum setting, confirming implications and separations between seven properties and proving that the ROX construction preserves these properties in the quantum random oracle model.
This work contains two major parts: comprehensively studying the security notions of cryptographic hash functions against quantum attacks and the relationships between them; and revisiting whether Merkle-Damgard and related iterated hash constructions preserve the security properties of the compression function in the quantum setting. Specifically, we adapt the seven notions in Rogaway and Shrimpton (FSE'04) to the quantum setting and prove that the seemingly stronger attack model where an adversary accesses a challenger in quantum superposition does not make a difference. We confirm the implications and separations between the seven properties in the quantum setting, and in addition we construct explicit examples separating an inherently quantum notion called collapsing from several proposed properties. Finally, we pin down the properties that are preserved under several iterated hash schemes. In particular, we prove that the ROX construction in Andreeva et al. (Asiacrypt'07) preserves the seven properties in the quantum random oracle model.